Manually Add a Linux Instance (Simple AD and Microsoft AD)

In addition to Amazon EC2 Windows instances, you can also join certain Amazon EC2 Linux
instances to a Simple AD or AWS Directory Service for Microsoft Active Directory
(Enterprise Edition) directory. The following Linux instance distributions and versions
are supported:

Amazon Linux AMI 2015.03

Red Hat Enterprise Linux 7.2

Ubuntu Server 14.04 LTS

CentOS 7

Note

Other Linux distributions and versions may work but have not been tested.

Prerequisites for Joining an Instance to a Simple AD or Microsoft AD Directory

When using Simple AD, if you create a user account on a Linux instance with the option
"Force user to change password at first login," that user will not be able to initially
change their password using kpasswd. In order to change the password the first time, a domain administrator must update
the user password using the Active Directory Management Tools.

Some of the following procedures, if not performed correctly, can render your instance
unreachable or unusable. Therefore, we strongly suggest you make a backup or take a
snapshot of your instance before performing these procedures.

To join a Linux instance to a Simple AD or Microsoft AD directory

Connect to the instance using any SSH client.

Configure the Linux instance to use the DNS server IP addresses of the AWS Directory
Service-provided DNS servers. You can do this either by setting it up in the DHCP Options
set attached to the VPC or by setting it manually on the instance. If you want to set it
manually, see "How do I assign a static DNS server to a private Amazon EC2 instance" in
the AWS Knowledge Center for guidance on setting the persistent DNS server for your
particular Linux distribution and version.

Make sure the instance is up to date.

Amazon Linux - 64bit/Red Hat - 64bit/CentOS 7

$ sudo yum -y update

Ubuntu - 64bit

$ sudo apt-get update
$ sudo apt-get -y upgrade

Install the required packages on your Linux instance.

Note

Some of these packages may already be installed.

As you install the packages, particularly in Ubuntu, you might be presented with several
pop-up configuration screens. You can generally leave the fields in these screens
blank.
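
A pre-join check for the DNS step above, as an added example that is not part of the AWS
documentation: it reads a resolv.conf-style file and confirms that the directory's DNS
servers are configured and that no other nameserver is listed (a strict policy assumed
here). The function names and all IP addresses are constructed placeholders.

```shell
#!/usr/bin/env bash
# Added example (not from the AWS page): pre-join resolver check.
# All IP addresses below are constructed placeholders.

# check_resolver FILE IP [IP...]
# Returns 0 only if every expected directory DNS server is configured in FILE
# and no other nameserver is; prints one finding per line.
check_resolver() {
    local file="$1"; shift
    local expected=" $* " configured=" " key ip rest rc=0
    [ -r "$file" ] || { echo "ERROR    cannot read $file"; return 2; }
    # Collect the address of each active "nameserver" line; comment lines
    # start with '#' or ';' and so never match the keyword.
    while read -r key ip rest || [ -n "$key" ]; do
        if [ "$key" = "nameserver" ] && [ -n "$ip" ]; then
            configured="$configured$ip "
        fi
    done < "$file"
    for ip in "$@"; do            # every directory DNS server must be present
        case "$configured" in
            *" $ip "*) echo "OK       $ip" ;;
            *)         echo "MISSING  $ip"; rc=1 ;;
        esac
    done
    for ip in $configured; do     # strict policy (assumption): nothing else allowed
        case "$expected" in
            *" $ip "*) ;;
            *)         echo "EXTRA    $ip"; rc=1 ;;
        esac
    done
    return "$rc"
}

# Demo on a constructed resolv.conf: one directory server is configured, one
# is missing, and a leftover resolver (10.0.0.2) is still listed.
demo() {
    local tmp rc=0
    tmp=$(mktemp)
    printf '%s\n' '# constructed sample' 'search example.com' \
        'nameserver 10.0.1.10' 'nameserver 10.0.0.2' > "$tmp"
    check_resolver "$tmp" 10.0.1.10 10.0.2.10 || rc=$?
    rm -f "$tmp"
    return "$rc"
}

# Run the demo only when executed as: script.sh --demo
if [ "${1:-}" = "--demo" ]; then demo; fi
```

On an instance, call check_resolver with /etc/resolv.conf and the DNS addresses of your
directory after the DNS step and before attempting the join.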

Connecting to the Instance

When a user connects to the instance using an SSH client, they are prompted for their
username. The user can enter the username in either the
username@example.com or EXAMPLE\username
format. The response will appear similar to the following: